terraform apply failing at secret kubernetes_sa

[shahjay988]

Terraform Version Details

{

"terraform_version": ""1.9.8"",

"terraform_revision": "null",

"terraform_outdated": "true",

"provider_selections": "{"registry.terraform.io/hashicorp/azuread":"1.5.0","registry.terraform.io/hashicorp/azurerm":"2.62.0","registry.terraform.io/hashicorp/cloudinit":"2.2.0","registry.terraform.io/hashicorp/external":"2.1.0","registry.terraform.io/hashicorp/kubernetes":"2.3.1","registry.terraform.io/hashicorp/local":"2.1.0","registry.terraform.io/hashicorp/null":"3.1.0","registry.terraform.io/hashicorp/template":"2.2.0","registry.terraform.io/hashicorp/tls":"3.1.0"}"

}

Terraform Variable File Details

prefix = "prd-viya4"
location = "centralindia"
ssh_public_key = "~/.ssh/id_rsa.pub"

Bring your own existing networking resources

#vnet_resource_group_name = "" # RG for BYO resources
#vnet_address_space = "10.90.36.0/25"

Bring your own existing networking resources

resource_group_name = "prd-sasviya-aks-rg01"# RG for aks resources
nsg_name = "prd-sasviya-nsg02"
aks_uai_name = "prd-viya4-iden"
vnet_resource_group_name = "prd-sasviya-aks-rg01" # RG for BYO resources
vnet_name = "prd-sasviya-vnet01" # only needed if using pre-existing
subnet_names = {
"aks": "prd-sasviya4-aks-subnet01",
"misc": "prd-sasviya4-misc-subnet01",
}
#aks_network_plugin = "azure"
#aks_network_policy = "calico"

General config

kubernetes_version = "1.30.0"

Jump Box

create_jump_vm = false
create_jump_public_ip = false
jump_vm_admin = "jumpuser"
jump_vm_machine_type = "Standard_D2as_v4"
jump_rwx_filestore_path = "/viya-share"

tags in azure

tags = { "resourceowner" = "[email protected]", "project_name" = "prd-viya4-aks", "environment" = "Production" }

Azure Auth

not required if already set in TF environment variables

tenant_id = "63e3630c-ec5a-433b-ac21-819675b9a12c"
subscription_id = "f84e19d0-7991-4eff-b684-d5f077c3c76c"
#client_id =
#client_secret =
#use_msi = false

Admin Access

IP Ranges allowed to access all created cloud resources

#default_public_access_cidrs = ["10.24.0.0/13", "10.160.0.0/16", "10.90.0.0/16", "20.0.0.0/8", "10.90.32.37/32"]

Storage

"standard" creates NFS server VM, "ha" creates Azure Netapp Files

Storage for SAS Viya CAS/Compute

storage_type = "standard"
#storage_type = "ha"

Required ONLY when storage_type is "standard" to create NFS Server VM

create_nfs_public_ip = false # # we want to be able to access our NFS server VM form the outside.
nfs_vm_admin = "nfsuser"
nfs_vm_machine_type = "Standard_E4s_v4"
nfs_raid_disk_size = 3072
nfs_raid_disk_type = "Premium_LRS"

Required ONLY when storage_type = ha for Azure NetApp Files service

#netapp_service_level = "Standard"
#netapp_size_in_tb = 5.5
#netapp_protocols = "NFSv3"
#netapp_volume_path = "export"

Default node pool

default_nodepool_vm_type = "Standard_E4s_v4"
default_nodepool_min_nodes = 1
default_nodepool_max_nodes = 3
default_nodepool_max_pods = 110
default_nodepool_os_disk_size = 200
default_nodepool_availability_zones = ["1"]

Additional node pools

node_pools_availability_zone = "1"
node_pools_proximity_placement = false

AKS Node Pools config

node_pools = {
cas = {
"machine_type" = "Standard_E32ds_v4"
"os_disk_size" = 200
"min_nodes" = 1
"max_nodes" = 3
"max_pods" = 110
"node_taints" = ["workload.sas.com/class=cas:NoSchedule"]
"node_labels" = {
"workload.sas.com/class" = "cas"
}
},
compute = {
"machine_type" = "Standard_E32-8ds_v4"
"os_disk_size" = 200
"min_nodes" = 3
"max_nodes" = 3
"max_pods" = 110
"node_taints" = ["workload.sas.com/class=compute:NoSchedule"]
"node_labels" = {
"workload.sas.com/class" = "compute"
"launcher.sas.com/prepullImage" = "sas-programming-environment"
}
},
stateless = {
"machine_type" = "Standard_E8s_v4"
"os_disk_size" = 200
"min_nodes" = 2
"max_nodes" = 3
"max_pods" = 110
"node_taints" = ["workload.sas.com/class=stateless:NoSchedule"]
"node_labels" = {
"workload.sas.com/class" = "stateless"
}
},
stateful = {
"machine_type" = "Standard_E8s_v4"
"os_disk_size" = 200
"min_nodes" = 1
"max_nodes" = 3
"max_pods" = 110
"node_taints" = ["workload.sas.com/class=stateful:NoSchedule"]
"node_labels" = {
"workload.sas.com/class" = "stateful"
}
}
}

Azure Monitor

create_aks_azure_monitor = false

Steps to Reproduce

terraform apply

Expected Behavior

Terraform should apply successfully with creation of this secret.

Actual Behavior

{

"terraform_version": ""1.9.8"",

"terraform_revision": "null",

"terraform_outdated": "true",

"provider_selections": "{"registry.terraform.io/hashicorp/azuread":"1.5.0","registry.terraform.io/hashicorp/azurerm":"2.62.0","registry.terraform.io/hashicorp/cloudinit":"2.2.0","registry.terraform.io/hashicorp/external":"2.1.0","registry.terraform.io/hashicorp/kubernetes":"2.3.1","registry.terraform.io/hashicorp/local":"2.1.0","registry.terraform.io/hashicorp/null":"3.1.0","registry.terraform.io/hashicorp/template":"2.2.0","registry.terraform.io/hashicorp/tls":"3.1.0"}"

}

Additional Context

No response

References

No response

Code of Conduct

• I agree to follow this project's Code of Conduct